Mal Contents

Those of you who run a Windows OS computer know that Windows 2000 was the first modern, fully reliable version. But until now, the default settings and factory functionality weren't, shall we say, the most secure.

This month, I'm delving into the slightly arcane world of malware, those lovely little bits of code that slither, sneak, snoop and spy on your actions, and, if you're not so lucky, may even hand control of your box over to some for-hire script kiddie who will proceed to make some money off of you without your knowledge. Spyware, adware, browser hijackers, background dialers — every day, there are more threats, but, will wonders never cease, the folks in Redmond, Wash., the home of Microsoft, have come to our rescue.

First, let's talk about what malware is and isn't. Viruses, worms and Trojan horses, though all denizens of the computing underworld, aren't generally considered malware. Here's a quick rundown of what is.

ADWARE

Adware is usually thought of as simply displaying marketing messages via pop-ups or other annoyances. Make no mistake, pop-up ads are more effective than banners in both “click-through” and “conversion.” This high ROI (return on investment) means that, even if only two percent of viewers are stupid enough to click and then drop some dough (the “conversion” part), the advertiser is guaranteed to make a tidy profit. Because of adware's success, it is often co-opted as an enabler for covert installation of other malware and to forward key bits of information to opportunistic marketeers specifically for further intrusion.

Another variant of a pop-up is a pop-under. Just as the name implies, pop-unders spawn one or more browser windows that attempt to “hide” themselves behind existing windows.

SPYWARE AND FRIENDS

Spyware comes in several forms, but all versions have one thing in common: They keep track of what you do while at your computer. Those actions may be relatively benign, such as simply reporting which Websites you visit or what search terms you enter to an interested party. More disturbing is spyware that scours your local disks for e-mail addresses, phone numbers and credit card accounts.

An interesting and dangerous spyware example is the keystroke logger, a pernicious critter that is sometimes found in public environments like Internet cafés, invisibly recording all keystrokes, including passwords and bank accounts, to a file. Keystroke logger sessions can be sent via public networks to a third party or may be stored on covertly installed, unobtrusive removable media, such as a USB thumb drive, for later retrieval.

File sharers such as iMesh are another type of spyware conduit. They often carry malware baggage, adware or spyware that tracks user metrics and forwards that information to the marketing predators — Kazaa anyone?

DIALERS

Dialers are great if you own a 900 number service: A dialer configures a modem to dial your 900 number and you get boatloads of money while the clueless sap at the other end gets socked with a hefty bill.

How, you may ask, did we all get saddled with this crap? Unlike the second- and third-place desktop operating systems, Linux and Mac OS, respectively, Windows used to ship in such a vulnerable state that it was waiting — literally with open arms — for some creep to sneak up and take advantage of it. Years ago, Microsoft started babbling about security, but now the company has done something about it: Windows XP Service Pack 2, “with advanced security technologies.” Why it has taken this long for so little is a whole 'nother article, but suffice to say, if you've survived the XP SP2 update, then your computing experience will be improved.

For those of you who can't move to XP, either because of licensing costs or compatibility issues, take heart — there are several things you can do. One is to toss out that Microsoft browser. Not literally, as Windows Update won't run without it, but for day-to-day work, you can ignore it in favor of products designed by more thoughtful engineers. This will not only make your day better, but it will have a positive peripheral effect in that, as fewer people use Internet Explorer, the Websites will move from Internet Explorer-specific frameworks to ones based on open standards, which is good for everyone.

In the enterprise world, some companies are locked into using Internet Explorer because of the mechanism that makes it such a high security risk: ActiveX. Build in the capability to remotely control my computer without my knowledge and I call that a really desirable feature! If you're running XP, you'll eventually get a new locked-down version, but for those of us running W2k and earlier, all you can do is patch until your eyeballs roll up, manually improve security settings and substitute with third-party products.

Most of you out there aren't so constrained to using Internet Explorer and can switch to a less-vulnerable, more configurable and stable alternative, like the most current versions of Mozilla, Firefox or Opera. All excellent choices, and the first two are free. I stress the most recent version because, even as I was trying to finish this piece, I read that old-school pop-up blockers are no longer effective. The latest versions of Opera, Safari, Firefox and Internet Explorer for XP SP2 all handle the new scam. Once you've downloaded the current version of your favorite, check its preferences for a “Block All Pop-Ups” setting.

PROTECT YOURSELF

Okay, enough of browser madness and on to specific utilities for malware mitigation. I can recommend three: Spyware Doctor (www.pctools.com), SpyBot-S&D (www.safer-networking.org) and, best of all, AdAware SE Personal (www.lavasoft.com). These kids play quite well together (the latter two on my W2k system anyway) and all three score light hits on your wallet.

AdAware is a standout, especially because it's free. The user interface is nothing to write home about, but, like a good little soldier, it fights the good fight. A nice feature of Spybot and some of its anti-malware brethren is the option to perform a backup of your registry in case something steps on that holy of holies later on. Whichever ones you choose to use — and I suggest you use several as they all catch different beasties — be sure to keep them up to date as the rules change day to day.

Most malware, at least the browser-based kind discussed here, is user-installed. Yup, you can only blame yourself for most malware infections. Don't visit Websites because they may be “interesting,” especially if they offer some mass-market commodity such as pictures, music, a utility or other software downloads. Don't agree to a software license unless you are either very sure of the vendor's credentials or you're willing to clean up a real mess after the fact.

Why do people make this stuff? Basically, either self-aggrandizement or money. Mostly money. Adware can become a marketing engine, and often the author receives remuneration from each instance that the mechanism succeeds. Don't let them succeed with your computer. Surf smart.

Omas is pleased to see that the synth on which he learned additive synthesis so long ago is now in Version 2, at least in the virtual sense. Arturia's Moog Modular may look like my original wood-and-metal teaching aid, but it sure ain't as finicky!

LOGGING BAN

Want to keep removable storage media out of the picture on your machines? The folks at SmartLine (www.smartlineinc.com) provide DeviceLock to reduce data migration through portable devices hanging off of FireWire or USB ports. According to SmartLine, “Using DeviceLock, network administrators can lock out unauthorized users from USB and FireWire devices, WiFi and Bluetooth adapters, CD-ROM and floppy drives, serial and parallel ports, and many other plug-and-play devices.” Admins can define access privileges based on date, time, user and individual devices. No more mixes walking out the door on someone's iPod without your permission!